<?php

if (!eregi("admin.php", $_SERVER['SCRIPT_NAME'])) { die ("Access Denied"); }
global $prefix, $db;
$aid = substr("$aid", 0,25);
$row = $db->sql_fetchrow($db->sql_query("SELECT title, admins FROM ".$prefix."_modules WHERE title='Shop'"));
$row2 = $db->sql_fetchrow($db->sql_query("SELECT name, email, radminsuper FROM ".$prefix."_authors WHERE aid='$aid'"));
$admins = explode(",", $row['admins']);
$auth_user = 0;
for ($i=0; $i < sizeof($admins); $i++) {
    if ($row2['name'] == "$admins[$i]" AND $row['admins'] != "") {
        $auth_user = 1;	
    }
}

if ($row2['radminsuper'] == 1 || $auth_user == 1) {

?>
<SCRIPT LANGUAGE="JavaScript">

<!-- This script and many more are available free online at -->
<!-- The JavaScript Source!! http://javascript.internet.com -->

<!-- Begin
function CaricaFoto(img){
  foto1= new Image();
  foto1.src=(img);
  Controlla(img);
}
function Controlla(img){
  if((foto1.width!=0)&&(foto1.height!=0)){
    viewFoto(img);
  }
  else{
    funzione="Controlla('"+img+"')";
    intervallo=setTimeout(funzione,20);
  }
}
function viewFoto(img){
  largh=foto1.width+20;
  altez=foto1.height+20;
  stringa="width="+largh+",height="+altez;
  finestra=window.open(img,"",stringa);
}
//  End -->
</script>
<?

include_once("language/shop_".$currentlang.".php");
include_once("../modules/Shop/s_config.php");

function getparent($parentid,$title) {
    global $prefix,$db;
    $sql = "select cid, cat_title, parentid from ".$prefix."_shop_categories where cid='$parentid'";
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $cid = $row[cid];
    $ptitle = $row[cat_title];
    $pparentid = $row[parentid];
    if ($ptitle!="") $title=$ptitle." | ".$title;
    if ($pparentid!=0) {
        $title=getparent($pparentid,$title);
    }
    return $title;
}

function getparent2($parentid,$cid) {
    global $prefix,$db;
    $cid = intval($cid);
    $sql = "select cid, cat_title, parentid from ".$prefix."_shop_categories where cid='$parentid'";
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $pparentid = $row[parentid];
    if ($pparentid == 0) {
        $a = 1;
    } elseif ($pparentid == $cid) {
        $a = 0;
    } else {
        $a=getparent2($pparentid,$cid);
    }
    return $a;
}

function getparent3($parentid) {
    global $prefix,$db;
    $parentid = intval($parentid);
    $sql = "select cid, parentid from ".$prefix."_shop_categories where cid='$parentid'";
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $pparentid = $row[parentid];
    if ($pparentid == 0) {
        $homcid = $row[cid];
    } else {
        $homcid=getparent3($pparentid);
    }
    return $homcid;
}

function fixweightcatshop() {
    global $prefix, $db;
    $resultweightcatshop = $db->sql_query("select cid from ".$prefix."_shop_categories where parentid='0' order by weight");
    $weight = 0;
    while($row = $db->sql_fetchrow($resultweightcatshop)) {
    $cid = $row['cid'];
	$weight++;
    $cid = intval($cid);
	$db->sql_query("update ".$prefix."_shop_categories set weight='$weight' where cid='$cid'");
    }
}

function menu() {
    echo "<center><b>"._SHOPADMIN."</b><br><br>\n"
     ."[ <a href=admin.php?op=shop>"._HOMEADMSHOP."</a> | \n"
     ."<a href=admin.php?op=shop_cat>"._ADMINSHOPCAT."</a> | \n"
     ."<a href=admin.php?op=shop_goods_list>"._LISTGOODS."</a> | \n"
     ."<a href=admin.php?op=shop_blockgoods>"._ADMINGOODSBLOCK4."</a> | \n"
     ."<a href=admin.php?op=shop_orders>"._ORDERS."</a> ]</center>\n";
    }

function shop() {
    global $prefix, $db, $multilingual, $bgcolor1, $bgcolor2, $pagenum, $cur;
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    /*----------Hang khuyen mai---------------*/
    $resultkm = $db->sql_query("SELECT * FROM ".$prefix."_shop WHERE action='1' order by pid DESC");
    $numkm = $db->sql_numrows($resultkm);
    $resultakm = $db->sql_query("SELECT * FROM ".$prefix."_shop WHERE action='0' AND description != '' AND pic != '' AND status ='1' AND show_home ='0' order by pid DESC");
    $numakm = $db->sql_numrows($resultakm);
    if ($numkm > 0 || $numakm > 0) {
    OpenTable();
    if ($numkm > 0) {
    echo "<center><b>"._GOOGSACT."</b></center><br>";
    echo "<table border=\"1\" bordercolor=\"#000000\" cellpadding=\"3\" cellspacing=\"3\" width=\"100%\" style=\"border-collapse: collapse\">\n";
    echo "<tr>\n";
    echo "<td align=\"center\"><b>TT</b></td>\n";
    echo "<td align=\"center\"><b>"._GOODSTITLE."</b></td>\n";
    echo "<td align=\"center\"><b>"._GOODSPRICE."</b></td>\n";
    echo "<td align=\"center\"><b>"._GOODSACPRICE."</b></td>\n";
    echo "<td align=\"center\"><b>"._SROKACT."</b></td>\n";
    echo "<td align=\"center\"><b>"._FUNCTIONS."</b></td>\n";
    echo "</tr>\n";
    $s=1;
    while ($row = $db->sql_fetchrow($resultkm)) {
    	echo "<tr>\n";
	echo "<td align=\"center\">$s</td>\n";
	echo "<td align=\"center\">$row[title]</td>\n";
	echo "<td align=\"center\">".number_format($row[price], 0, '.', ' ')." ".$cur."</td>\n";
	echo "<td align=\"center\">".number_format($row[action_price], 0, '.', ' ')." ".$cur."</td>\n";
	$zdate = date("j.n.Y G:i",$row[action_fdate]);
	if ($row[action_fdate] == '0') { $zdate = ""._SUNLIMITED.""; }
	echo "<td align=\"center\">$zdate</td>\n";
	echo "<td align=\"center\"><a href=\"admin.php?op=shop_action_off&pid=$row[pid]\">"._ENDACT."</a>\n";
	echo "| <a href=\"admin.php?op=shop_edit_goods&pid=$row[pid]\">"._EDITPAGE."</a> |\n";
	echo "<a href=\"admin.php?op=shop_delit_goods&pid=$row[pid]\">"._DELPAGE."</a></td>\n";
	echo "</tr>\n";
    	$s++;
    }
    echo"</table>\n";
    }
    if ($numakm > 0) {
    	echo"<br><center><form method=\"POST\" action=\"admin.php\">"._ADDACT.": "
    	."<select name=\"pid\">";
    	while ($rowakm = $db->sql_fetchrow($resultakm)) {
    	echo "<option value=\"$rowakm[pid]\">$rowakm[title]</option>";
    	}
    	echo"</select> \n";
    	echo"<input type=\"hidden\" name=\"op\" value=\"shop_action_add\">"
    	."<input type=\"submit\" value=\""._ADD."\"></form></center>";
    }
    CloseTable();
    echo "<br>";
    }
    /*-------------------END--------------------*/

    /*------------Hang gioi thieu---------------*/
    $resulthtg = $db->sql_query("SELECT * FROM ".$prefix."_shop WHERE show_home ='1'");
    $numhgt = $db->sql_numrows($resulthtg);
    $resultahgt = $db->sql_query("SELECT pid, title FROM ".$prefix."_shop WHERE action='0' AND addition != '' AND status ='1' AND show_home ='0'");
    $numahgt = $db->sql_numrows($resultahtg);
    if ($numhgt > 0 || $numahgt > 0) {
        OpenTable();
        if ($numhgt > 0) {
            echo "<center><b>"._GOODSHOME."</b></center><br>";
            echo "<table border=\"1\" bordercolor=\"#000000\" cellpadding=\"3\" cellspacing=\"3\" width=\"100%\" style=\"border-collapse: collapse\">\n";
            echo "<tr>\n";
            echo "<td align=\"center\"><b>TT</b></td>\n";
            echo "<td align=\"center\"><b>"._GOODSTITLE."</b></td>\n";
            echo "<td align=\"center\"><b>"._GOODSPRICE."</b></td>\n";
            echo "<td align=\"center\"><b>"._SLIMIT."</b></td>\n";
            echo "<td align=\"center\"><b>"._FUNCTIONS."</b></td>\n";
            echo "</tr>\n";
            $s=1;
            while ($row = $db->sql_fetchrow($resulthtg)) {
            	echo "<tr>\n";
	echo "<td align=\"center\">$s</td>\n";
	echo "<td align=\"center\">$row[title]</td>\n";
	echo "<td align=\"center\">".number_format($row[price], 0, '.', ' ')." ".$cur."</td>\n";
	$zdate = date("j.n.Y G:i",$row[limit_date]);
	if ($row[limit_date] == '0') { $zdate = ""._SUNLIMITED.""; }
	echo "<td align=\"center\">$zdate</td>\n";
	echo "<td align=\"center\"><a href=\"admin.php?op=shop_home_goods&pid=$row[pid]&act=off\">"._ENDHOME."</a>\n";
	echo "| <a href=\"admin.php?op=shop_edit_goods&pid=$row[pid]\">"._EDITPAGE."</a> |\n";
	echo "<a href=\"admin.php?op=shop_delit_goods&pid=$row[pid]\">"._DELPAGE."</a></td>\n";
	echo "</tr>\n";
    	$s++;
            }
            echo"</table>\n";
        }
        if ($numahgt > 0) {
        	echo"<br><center><form method=\"POST\" action=\"admin.php\">"._ADDHOME.": "
    	."<select name=\"pid\">";
    	while ($rowahgt = $db->sql_fetchrow($resultahgt)) {
    	echo "<option value=\"$rowahgt[pid]\">$rowahgt[title]</option>";
    	}
    	echo"</select>\n<input type=\"hidden\" name=\"act\" value=\"on\">\n"
    	."<input type=\"hidden\" name=\"op\" value=\"shop_home_goods\">\n"
    	."<input type=\"submit\" value=\""._ADD."\"></form></center>";
        }
        CloseTable();
        echo "<br>";
    }    
    /*-------------------END--------------------*/
    include("../footer.php");
}

function OrderShopCategory($weightrep,$weight,$catidrep,$catidori) {
    global $prefix, $db;
    $catidrep = intval($catidrep);
    $catidori = intval($catidori);
    $db->sql_query("update ".$prefix."_shop_categories set weight='$weight' where cid='$catidrep'");
    $db->sql_query("update ".$prefix."_shop_categories set weight='$weightrep' where cid='$catidori'");
    fixweightcatshop();
    Header("Location: admin.php?op=shop_cat");
}

function shop_cat() {
    global $prefix, $db, $multilingual, $language;
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";

/*------------Danh sach gian hang va loai hang---------------*/
     $resultcat = $db->sql_query("select cid, cat_title, parentid, weight from ".$prefix."_shop_categories order by parentid, weight, cat_title");
     if ($numrows = $db->sql_numrows($resultcat) > 0) {
     OpenTable();
          echo "<center><b>"._ADMINSHOPCAT."</b><br><br>";
          echo "<table border=\"1\" bordercolor=\"#000000\" cellpadding=\"3\" cellspacing=\"3\" width=\"100%\" style=\"border-collapse: collapse\">\n";
          echo "<tr>\n";
          echo "<td align=\"center\"><b>"._SCATTITLE."</b></td>\n";
          echo "<td align=\"center\"><b>"._CATSLH."</b></td>\n";
          echo "<td align=\"center\"><b>"._FUNCTIONS."</b></td>\n";
          echo "</tr>\n";
          while ($row = $db->sql_fetchrow($resultcat)) {
          	$cid2 = $row[cid];
	$title = $row[cat_title];
	$parentid2 = $row[parentid];
	if ($parentid2==0) {
	$weight = $row[weight];
	$weight1 = $weight - 1;
	$weight3 = $weight + 1;
	list($cid1) = $db->sql_fetchrow($db->sql_query("select cid from ".$prefix."_shop_categories where parentid='0' AND weight='$weight1'"));
	$con1 = "$cid1";
	list($cid3) = $db->sql_fetchrow($db->sql_query("select cid from ".$prefix."_shop_categories where parentid='0' AND weight='$weight3'"));
	$con3 = "$cid3";
	if ($con1) { $up = "<a href=\"admin.php?op=OrderShopCategory&amp;weight=$weight&amp;catidori=$cid2&amp;weightrep=$weight1&amp;catidrep=$con1\"><img src=\"../images/up.gif\" alt=\""._CATUP."\" title=\""._CATUP."\" border=\"0\" hspace=\"3\"></a>"; } else { $up = ""; }
	if ($con3) { $down = "<a href=\"admin.php?op=OrderShopCategory&amp;weight=$weight&amp;catidori=$cid2&amp;weightrep=$weight3&amp;catidrep=$con3\"><img src=\"../images/down.gif\" alt=\""._CATDOWN."\" title=\""._CATDOWN."\" border=\"0\" hspace=\"3\"></a>"; } else { $down = ""; }
	$up_down = "$up$down";
	if ((!$up) AND (!$down)) { $up_down = "&nbsp;"; }
	$xtitle = "<table border=0 cellpadding=\"0\" cellspacing=\"0\" style=\"border-collapse: collapse\"><tr><td width=\"35\">$up_down</td><td>$title</td></tr></table>\n";
	}
	if ($parentid2!=0) { $title=getparent($parentid2,$title); $xtitle = $title; }
	$danhsach .= "<option name=\"cid\" value=\"$cid2\">$title</option>\n";
          	echo "<tr>\n";
          	echo "<td>$xtitle</td>\n";
          	$slh = $db->sql_numrows($db->sql_query("select * from ".$prefix."_shop WHERE cid='$row[cid]'"));
          	echo "<td align=\"center\">$slh</td>\n";
          	echo "<td align=\"center\"><a href=\"admin.php?op=shop_edit_category&cid=$cid2\">"._EDIT."</a> | <a href=\"admin.php?op=shop_del_category&cid=$cid2\">"._DELETE."</a></td>\n";
          	echo "</tr>\n";
          }
     echo"</table>\n";
     CloseTable();
     echo "<br>";
    }
 /*-----------------------------END------------------------------*/

/*------------Them gian hang---------------*/
    OpenTable();
          echo "<center><b>"._ADDSHOPCAT."</b><br><br>";
          echo "<form method=\"POST\" action=\"admin.php\" enctype=\"multipart/form-data\">\n";
          echo "<table border=\"1\" cellpadding=\"3\" cellspacing=\"3\" style=\"border-collapse: collapse\" bordercolor=\"#000000\">\n";
          echo "<tr>\n";
          echo "<td><b>"._SCATTITLE.":</b></td>\n";
          echo "<td><input type=\"text\" name=\"title\" size=\"40\"></td>\n";
          echo "</tr>\n";
          echo "<tr>\n";
          echo "<td><b>"._SCATDESCRIPTION.":</b></td>\n";
          echo "<td><textarea rows=\"5\" name=\"description\" cols=\"40\"></textarea></td>\n";
          echo "</tr>\n";
          echo "<tr>\n";
          echo "<td><b>"._CATSPIC.":</b></td>\n";
          echo "<td><select name=\"cat_pic\">";
          $path1 = explode ("/", "../modules/Shop/images/cat/");
          $path = "$path1[0]/$path1[1]/$path1[2]/$path1[3]/$path1[4]";
          $handle=opendir($path);
          while ($file = readdir($handle)) {
	if ( (ereg("^([_0-9a-zA-Z]+)([.]{1})([_0-9a-zA-Z]{3})$",$file)) AND $file != "spacer.gif") {
	    $tlist .= "$file ";
	}
          }
          closedir($handle);
          $tlist = explode(" ", $tlist);
          sort($tlist);
          for ($i=0; $i < sizeof($tlist); $i++) {
	if($tlist[$i]!="") {
	    echo "<option name=\"cat_pic\" value=\"$tlist[$i]\">$tlist[$i]\n";
	}
          }
          echo"</select></td>\n";
          echo "</tr>\n";
          echo "<tr>\n";
          if ($multilingual == 1) {
          echo "<td><b>"._LANGUAGE.":</b></td>\n";
          echo "<td><select name=\"clanguage\">\n";
          echo "<option name=\"clanguage\" selected>"._ALL."</option>\n";
          $handle=opendir('../language');
          while ($file = readdir($handle)) {
            if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) {
                $langFound = $matches[1];
                $languageslist .= "$langFound ";
            }
          }
          closedir($handle);
          $languageslist = explode(" ", $languageslist);
          sort($languageslist);
          for ($i=0; $i < sizeof($languageslist); $i++) {
            if($languageslist[$i]!="") {
                echo "<option name=\"clanguage\" value=\"$languageslist[$i]\" ";
                if($languageslist[$i]==$alanguage) echo "selected";
                echo ">".ucfirst($languageslist[$i])."</option>\n";
            }
          }
          echo "</select></td>\n";
          echo "</tr>\n";
          } else {
          echo "<input type=\"hidden\" name=\"clanguage\" value=\"$language\">\n";
          }
          if ($db->sql_numrows($resultcat) > 0) {
          echo "<tr>\n";
          echo "<td><b>"._INCAT.":</b></td>\n";
          echo "<td><select name=\"cid\">\n";
          echo "<option name=\"cid\" value=\"0\">"._INCAT0."</option>\n";
          echo "$danhsach";
          echo "</select></td>\n";
          echo "</tr>\n";
          } else {
          	echo "<input type=\"hidden\" name=\"cid\" value=\"0\">\n";
          }
          echo "<tr>\n";
          echo "<td><b>"._VIEWPRIV.":</b></td>\n";
          echo "<td><select name=\"view\">\n";
          echo "<option name=\"view\" value=\"0\">"._MVALL."</option>\n";
          echo "<option name=\"view\" value=\"1\" >"._MVUSERS."</option>\n";
          echo"<option name=\"view\" value=\"2\" >"._MVADMIN."</option>\n";
          echo "<option name=\"view\" value=\"3\" >"._MVANON."</option>\n";
          echo"<option name=\"view\" value=\"4\">"._MVGROUPS."</option>\n";
          echo "</select></td>\n";
          echo "</tr>\n";
          echo "<tr>\n";
          echo "<td><b>"._WHATGROUPS."</b></td>\n";
          echo "<td>"._WHATGRDESC.":<br><select name='groups[]' multiple size='5'>\n";
          $groupsResult = $db->sql_query("select gid, gname from ".$prefix."_nsngr_groups WHERE gname!='Anonymous'");
          while(list($gid, $gname) = $db->sql_fetchrow($groupsResult)) {
              echo "<OPTION VALUE='$gid'>$gname</option>\n";
          }
          echo "</select></td>\n";
          echo "</tr>\n";
          echo "</table>\n";
          echo "<input type=\"hidden\" name=\"op\" value=\"shop_add_category\">\n";
          echo "<p align=\"center\"><input type=\"submit\" value=\""._ADDSHOPCAT."\"></p>\n";
          echo "</form></center>\n";
    CloseTable();
    echo "<br>";
/*-------------------END--------------------*/
include("../footer.php");
}

function shop_add_category($title, $description, $cat_pic, $clanguage, $cid, $view, $groups) {
    global $prefix, $db;
    $title = ereg_replace("\"","",$title);
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    if ($title=="") {
        echo "<br><br><b><center>"._SEROR1."</b><br><br>"._GOBACK."</center><br><br>";
        CloseTable();
        include("../footer.php");
        exit();
    }
    $cat_pic = ereg_replace("\"","",$cat_pic);
    $description = stripslashes(FixQuotes($description));
    $cid = intval($cid);
    if($view == 4) { $ingroups = implode("-",$groups); }
    if($view < 4) { $ingroups = ""; }
    if ($cid == '0') {
    $weightresult = $db->sql_query("SELECT weight FROM ".$prefix."_shop_categories WHERE parentid='0' ORDER BY weight DESC");
    $row = $db->sql_fetchrow($weightresult);
    $weight = $row['weight'];
    $weight++;
    } else {
    $weight = 0;
    }
    $db->sql_query("INSERT INTO ".$prefix."_shop_categories (cid, cat_title, cat_description, cat_pic, clanguage, parentid, weight, view, groups) VALUES (NULL, '$title', '$description', '$cat_pic', '$clanguage', '$cid', '$weight', '$view', '$ingroups')");
    fixweightcatshop();
    echo "<br><br><b><center>"._ADDSHOPCAT2."</b></center><br><br>";
    echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=admin.php?op=shop_cat\">";
    CloseTable();
    include("../footer.php");
}

function shop_edit_category($cid) {
    global $prefix, $db, $multilingual, $language;
    $cid = intval($cid);
    $resultscd = $db->sql_query("SELECT * FROM ".$prefix."_shop_categories WHERE cid='$cid'");
    if ($numrows = $db->sql_numrows($resultscd) != 1) { Header("Location: admin.php?op=shop_cat"); exit(); }
    $row = $db->sql_fetchrow($resultscd);
    $title = $row['cat_title'];
    $parentid = intval($row['parentid']);
    $description = $row['cat_description'];
    $pic = $row['cat_pic'];
    $clanguage = $row['clanguage'];
    $view = $row['view'];
    $groups = $row['groups'];
    $weight = $row['weight'];
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
          echo "<center><b>"._EDITSHOPCAT."</b><br><br>";
          echo "<form method=\"POST\" action=\"admin.php\" enctype=\"multipart/form-data\">\n";
          echo "<table border=\"1\" cellpadding=\"3\" cellspacing=\"3\" style=\"border-collapse: collapse\" bordercolor=\"#000000\">\n";
          echo "<tr>\n";
          echo "<td><b>"._SCATTITLE3.":</b></td>\n";
          echo "<td><input type=\"text\" name=\"title\" size=\"40\" value=\"$title\"></td>\n";
          echo "</tr>\n";
          echo "<tr>\n";
          echo "<td><b>"._SCATDESCRIPTION.":</b></td>\n";
          echo "<td><textarea rows=\"5\" name=\"description\" cols=\"40\">$description</textarea></td>\n";
          echo "</tr>\n";
          echo "<tr>\n";
          echo "<td><b>"._CATSPIC.":</b></td>\n";
          echo "<td><select name=\"cat_pic\">";
          $path1 = explode ("/", "../modules/Shop/images/cat/");
          $path = "$path1[0]/$path1[1]/$path1[2]/$path1[3]/$path1[4]";
          $handle=opendir($path);
          while ($file = readdir($handle)) {
	if ( (ereg("^([_0-9a-zA-Z]+)([.]{1})([_0-9a-zA-Z]{3})$",$file)) AND $file != "spacer.gif") {
	    $tlist .= "$file ";
	}
          }
          closedir($handle);
          $tlist = explode(" ", $tlist);
          sort($tlist);
          for ($i=0; $i < sizeof($tlist); $i++) {
	if($tlist[$i]!="") {
	    echo "<option name=\"cat_pic\" value=\"$tlist[$i]\"";
	    if($tlist[$i]==$pic) echo " selected";
	    echo">$tlist[$i]\n";
	}
          }
          echo"</select></td>\n";
          echo "</tr>\n";
          echo "<tr>\n";
          if ($multilingual == 1) {
          echo "<td><b>"._LANGUAGE.":</b></td>\n";
          echo "<td><select name=\"clanguage\">\n";
          echo "<option name=\"clanguage\" selected>"._ALL."</option>\n";
          $handle=opendir('../language');
          while ($file = readdir($handle)) {
            if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) {
                $langFound = $matches[1];
                $languageslist .= "$langFound ";
            }
          }
          closedir($handle);
          $languageslist = explode(" ", $languageslist);
          sort($languageslist);
          for ($i=0; $i < sizeof($languageslist); $i++) {
            if($languageslist[$i]!="") {
                echo "<option name=\"clanguage\" value=\"$languageslist[$i]\"";
                if($languageslist[$i]==$clanguage) echo " selected";
                echo ">".ucfirst($languageslist[$i])."</option>\n";
            }
          }
          echo "</select></td>\n";
          echo "</tr>\n";
          } else {
          echo "<input type=\"hidden\" name=\"clanguage\" value=\"$clanguage\">\n";
          }
          echo "<tr>\n";
          echo "<td><b>"._INCAT.":</b></td>\n";
          echo "<td><select name=\"parentid\">\n";
          echo "<option name=\"parentid\" value=\"0\"";
          if($parentid == '0') echo " selected";
          echo">"._INCAT0."</option>";
          $resultparentid = $db->sql_query("select cid, cat_title, parentid from ".$prefix."_shop_categories where cid != '$cid' AND parentid!='$cid'");
          while ($row = $db->sql_fetchrow($resultparentid)) {
          	$cid2 = intval($row['cid']);
     	$title = $row['cat_title'];
     	$parentid2 = $row['parentid'];
                   if ($parentid2==0) { $a = 1; }
                   else { $a = getparent2($parentid2,$cid); }
                   if ($a==1) {
                   	if ($parentid2!=0) $title=getparent($parentid2,$title);
                   echo "<option name=\"parentid\" value=\"$cid2\"";
                   if($cid2 == $parentid) echo " selected";
                   echo">$title</option>";
                  }
          }
          echo "</select></td>\n";
          echo "</tr>\n";
          echo "<tr>\n";
          echo "<td><b>"._VIEWPRIV.":</b></td>\n";
          echo "<td><select name=\"view\">\n";
          $arrayview = array(_MVALL, _MVUSERS, _MVADMIN, _MVANON, _MVGROUPS);
          for ($f=0; $f < sizeof($arrayview); $f++) {
              $sel = "";
              if ($f == $view) { $sel = " selected"; }
              echo "<option name=\"view\" value=\"$f\"$sel>$arrayview[$f]</option>\n";
          }
          echo "</select></td>\n";
          echo "</tr>\n";
          echo "<tr>\n";
          echo "<td><b>"._WHATGROUPS."</b></td>\n";
          echo "<td>"._WHATGRDESC.":<br><select name='groups[]' multiple size='5'>\n";
          $ingroups = explode("-",$groups);
          $groupsResult = $db->sql_query("select gid, gname from ".$prefix."_nsngr_groups WHERE gname!='Anonymous'");
          while(list($gid, $gname) = $db->sql_fetchrow($groupsResult)) {
              if(in_array($gid,$ingroups)) { $sel = " selected"; } else { $sel = ""; }
              echo "<option value='$gid'$sel>$gname</option>\n";
          }
          echo "</select></td>\n";
          echo "</tr>\n";
          echo "</table>\n";
          echo "<input type=\"hidden\" name=\"cid\" value=\"$cid\">\n";
          echo "<input type=\"hidden\" name=\"weight\" value=\"$weight\">\n";
          echo "<input type=\"hidden\" name=\"op\" value=\"shop_save_category\">\n";
          echo "<p align=\"center\"><input type=\"submit\" value=\""._SAVECHANGES."\"></p>\n";
          echo "</form></center>\n";
    CloseTable();
    include("../footer.php");
}

function shop_save_category($cid, $title, $description, $cat_pic, $clanguage, $parentid, $weight, $view, $groups) {
    global $prefix, $db;
    $cid = intval($cid);
    if ($db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_shop_categories WHERE cid='$cid'")) != 1) { Header("Location: admin.php?op=shop_cat"); exit(); }
    $title = ereg_replace("\"","",$title);
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    if ($title=="") {
        echo "<br><br><b><center>"._SEROR1."</b><br><br>"._GOBACK."</center><br><br>";
        CloseTable();
        include("../footer.php");
        exit();
    }
    $cat_pic = ereg_replace("\"","",$cat_pic);
    $description = stripslashes(FixQuotes($description));
    if($view == 4) { $ingroups = implode("-",$groups); }
    if($view < 4) { $ingroups = ""; }
    if ($parentid != 0) { $weight = 0; }
    if ($parentid == 0 AND $weight == 0) {
    list($newweight) = $db->sql_fetchrow($db->sql_query("SELECT max(weight) AS newweight FROM ".$prefix."_shop_categories"));
    if ($newweight == "-1") { $weight = 1; } else { $weight = $newweight+1; }
    }
    $db->sql_query("UPDATE ".$prefix."_shop_categories SET cat_title='$title', cat_description='$description', cat_pic='$cat_pic', clanguage='$clanguage', parentid='$parentid', weight='$weight', view='$view', groups='$ingroups' WHERE cid='$cid'");
    fixweightcatshop();
    echo "<br><br><b><center>"._EDITSHOPCAT2."</b></center><br><br>";
    echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=admin.php?op=shop_cat\">";
    CloseTable();
    include("../footer.php");
}

function shop_del_category($cid, $ok) {
    global $prefix, $db;
    $cid = intval($cid);
    $tresult = $db->sql_query("select * from ".$prefix."_shop_categories where cid='$cid'");
    if ($db->sql_numrows($tresult) != 1) { Header("Location: admin.php?op=shop_cat"); exit(); }
    if($ok) {
    $db->sql_query("DELETE FROM ".$prefix."_shop WHERE cid=$cid");
    $db->sql_query("DELETE FROM ".$prefix."_shop_categories WHERE parentid=$cid");
    $db->sql_query("DELETE FROM ".$prefix."_shop_categories WHERE cid=$cid");
    fixweightcatshop();
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<br><br><b><center>"._EDITSHOPCAT2."</b></center><br><br>";
    echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=admin.php?op=shop_cat\">";
    CloseTable();
    include("../footer.php");
    }
    else {
    $row = $db->sql_fetchrow($tresult);
    $cat_title = $row[cat_title];
    $parentid = $row[parentid];

    $numcat = $db->sql_numrows($db->sql_query("select * from ".$prefix."_shop_categories where parentid='$cid'"));
    $numpages = $db->sql_numrows($db->sql_query("select * from ".$prefix."_shop where cid='$cid'"));
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><b>"._DELPAGECAT."<br><br>"._DELNOTE."</b><br><br>";
    echo ""._DELNOTE1." <b>$cat_title</b>, "._DELNOTE2." <b>$numcat</b> "._DELNOTE3." <b>$numpages</b> "._DELNOTE4."<br><br>\n";
    echo "[ <a href=\"admin.php?op=shop_cat\"><b>"._NO."</b></a> | <a href=\"admin.php?op=shop_del_category&amp;cid=$cid&amp;ok=1\"><b>"._YES."</b></a> ]</center><br><br>";
    CloseTable();
    include("../footer.php");
    }
}


function shop_add_goods() {
    global $prefix, $db, $cur;
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><b>"._ADMINGOODS."</b><br><br>"
    ."<a href=admin.php?op=shop_goods_list&status=1>"._ACTIVGOOD."</a> | "
    ."<a href=admin.php?op=shop_goods_list&status=0>"._NOACTIVGOOD."</a> | "
    ."<a href=admin.php?op=shop_goods_list&status=0&srok=0>"._SGOOGSLIMITED."</a> | "
    ."<a href=admin.php?op=shop_add_goods>"._ADDGOODS."</a> | "
    ."<a href=admin.php?op=shop_price>"._SPRICE2."</a></center><br><br>";
    $resultmh = $db->sql_query("select cid, cat_title, parentid from ".$prefix."_shop_categories order by parentid, cat_title");
    if ($db->sql_numrows($resultmh) > 0) {
    echo""._ADDPAGENOTE."<br><br>";
    echo "<form enctype=\"multipart/form-data\" method=\"POST\" action=\"admin.php\">"
    ."<b>"._GOODSTITLE.": </b><br>"
    ."<input type=\"text\" name=\"title\" size=\"60\"><br><br>"
    ."<b>"._GOODSPRICE.": </b> <input type=\"text\" name=\"price\" size=\"5\"> $cur<br><br>"
    ."<b>"._INCAT.":</b><br>"
    ."<select name=\"cid\">";
           while ($row = $db->sql_fetchrow($resultmh)) {
           $cid2 = $row[cid];
           $title = $row[cat_title];
           $parentid2 = $row[parentid];
                if ($parentid2!=0) $title=getparent($parentid2,$title);
                echo "<option value=\"$cid2\">$title</option>";
                }
    echo "</select><br><br>"
    ."<b>"._GOODADDITION.":</b><br>"
    ."<textarea name=\"addition\" rows=\"3\" cols=\"60\"></textarea><br><br>"
    ."<b>"._GOODSDESCR.":</b><br>"
    ."<textarea name=\"description\" rows=\"5\" cols=\"60\"></textarea><br><br>"
    ."<b>"._FIRM."</b><br>"
    ."<input type=\"text\" name=\"firm\" size=\"60\"><br><br>"
    ."<b>"._FIRMURL."</b><br>"
    ."<input type=\"text\" name=\"site_firm\" size=\"60\"><br><br>"
    ."<b>"._GOODSPIC.":</b><br>"
    ."<input name=\"userfile\" size=\"40\" type=\"file\"><br><br>"
    ."<b>"._ACTIVPAGE."</b><input type=\"checkbox\" name=\"status\" value=\"1\" checked> "
    ."<b>"._SHOWHOME."</b><input type=\"checkbox\" name=\"show_home\" value=\"1\"><br><br>"
    ."<b>"._SLIMIT.":</b><br>";
    echo "<select name='newday'>\n<option value='00'>--</option>\n";
    for($i = 1; $i <= 31; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select><b>/</b><select name='newmonth'>\n<option value='00'>--</option>\n";
    for($i = 1; $i <= 12; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select><b>/</b><select name='newyear'>\n<option value='0000'>----</option>\n";
            for($i = date("Y"); $i <= date("Y")+5; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select> <select name='newhour'>\n<option value='00'>--</option>\n";
    for($i = 0; $i <= 23; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select><b>:</b><select name='newmin'>\n<option value='00'>--</option>\n";
    for($i = 0; $i <= 59; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select><b>:00</b><br>"._GR_EXPIRENOTE."<br><br>\n";
    echo"<input type=\"hidden\" name=\"op\" value=\"shop_save_goods\">"
    ."<input type=\"submit\" value=\""._ADDGOODS."\"></form><br><br>";
    } else {
    echo""._ADDPAGENOTE2."<br><br>";
    }
    CloseTable();
    include("../footer.php");
}


function shop_save_goods($title, $price, $cid, $addition, $description, $firm, $site_firm, $status, $show_home, $newday, $newmonth, $newyear, $newhour, $newmin) {
    global $prefix, $db, $allow_trumb, $width_trumb, $trumb_quality;
    if ($title == "") { eror_message($eror=5); exit; }
    if (($price == "") || (!is_numeric($price))) { eror_message($eror=6); exit; }
    if ($cid == "") { eror_message($eror=7); exit; }
    if ($addition == "") { eror_message($eror=8); exit; }
    $xdate = time();
    $datenew = $newyear."-".$newmonth."-".$newday." ".$newhour.":".$newmin.":00";
    if ($datenew == "0000-00-00 00:00:00") { $ydate = "0"; } else { $ydate = strtotime($datenew); }
    if ($ydate!="0" AND $ydate <= $xdate) { eror_message($eror=9); exit; }
    if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
    $f_name = explode(".",$_FILES['userfile']['name']);
    $extension = strtolower($f_name[1]);
    if ($extension != "jpg") { eror_message($eror=1); exit; }
    $realname = $_FILES['userfile']['name'];
    $datakod = date(U);
    $pic = "".$datakod."_".$realname."";
    $res = copy($_FILES['userfile']['tmp_name'], "../modules/Shop/pic/$pic");
    if (!$res) { eror_message($eror=2); exit; }
    
    $im_size = getimagesize("../modules/Shop/pic/$pic");
      if (($im_size[0] > $width_trumb) AND ($allow_trumb == 1)) {
      $res2 = copy($_FILES['userfile']['tmp_name'], "../modules/Shop/trumb_pic/$pic");
      if (!$res2) { eror_message($eror=3); exit; }
      $path_real = "../modules/Shop/trumb_pic/$pic";
      $src_img=ImageCreateFromJpeg("$path_real");
      $src_width=ImagesX($src_img);
      $src_height=ImagesY($src_img);
      $dest_width=$width_trumb;
      $dest_height=$src_height/($src_width/$dest_width);
      $quality=$trumb_quality;
      $dest_img=ImageCreateTrueColor($dest_width, $dest_height);
      ImageCopyResampled($dest_img, $src_img, 0, 0, 0, 0, $dest_width, $dest_height, $src_width, $src_height);
      $res3 = ImageJpeg($dest_img, $path_real, $quality);
      if (!$res3) { eror_message($eror=4); exit; }
      ImageDestroy($dest_img);
      }
    }

    $title = stripslashes(FixQuotes($title));
    $addition = nl2br(stripslashes(FixQuotes($addition)));
    $description = nl2br(stripslashes(FixQuotes($description)));
    $firm = stripslashes(FixQuotes($firm));
    $site_firm = stripslashes(FixQuotes($site_firm));
    $homsql = "select cid, parentid from ".$prefix."_shop_categories where cid='$cid'";
    $homresult = $db->sql_query($homsql);
    $row = $db->sql_fetchrow($homresult);
    if ($row[parentid] == 0) {
        $homcid = $row[cid];
    } else {
        $homcid=getparent3($row[parentid]);
    }
    $db->sql_query("INSERT INTO ".$prefix."_shop (pid, homcid, cid, title, addition, description, firm, site_firm, price, pic, date, limit_date, action_fdate, show_home, status) VALUES (NULL, '$homcid', '$cid', '$title', '$addition', '$description', '$firm', '$site_firm', '$price', '$pic', '$xdate', '$ydate', '-1', '$show_home', '$status')");
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<br><br><b><center>"._ADDGOODS2."</b></center><br><br>";
    echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=admin.php?op=shop_goods_list\">";
    CloseTable();
    include("../footer.php");
}

function eror_message($eror) {
    if ($eror == 1) { $er_mes = _SHOPEROR1; }
    if ($eror == 2) { $er_mes = _SHOPEROR2; }
    if ($eror == 3) { $er_mes = _SHOPEROR3; }
    if ($eror == 4) { $er_mes = _SHOPEROR4; }
    if ($eror == 5) { $er_mes = _SHOPEROR5; }
    if ($eror == 6) { $er_mes = _SHOPEROR6; }
    if ($eror == 7) { $er_mes = _SHOPEROR7; }
    if ($eror == 8) { $er_mes = _SHOPEROR8; }
    if ($eror == 9) { $er_mes = _SHOPEROR9; }
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center>"._SHOPEROR."<br><br><b>$er_mes</b><br></center>";
    CloseTable();
    include("../footer.php");
}

function shop_delit_goods($pid, $ok) {
    global $prefix, $db;
    $pid = intval($pid);
    $yresult = $db->sql_query("select * from ".$prefix."_shop where pid='$pid'");
    $row = $db->sql_fetchrow($yresult);
    $title = $row[title];
    $pic= $row[pic];
    if($ok) {
    @unlink("../modules/Shop/block_pic/$pic");
    @unlink("../modules/Shop/trumb_pic/$pic");
    @unlink("../modules/Shop/pic/$pic");
    $db->sql_query("DELETE FROM ".$prefix."_shop WHERE pid='$pid'");
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<br><br><b><center>"._DELPAGES2."</b></center><br><br>";
    echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=admin.php?op=shop_goods_list\">";
    CloseTable();
    include("../footer.php");
    }
    else {
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><b>"._DELPAGES."</b><br><br>";
    echo ""._DELPAGENOTE1." <b>$title</b>.<br><br>";
    echo ""._DELPAGENOTE2."<br><br>[ <a href=\"admin.php?op=shop_goods_list\"><b>"._NO."</b></a> | <a href=\"admin.php?op=shop_delit_goods&amp;pid=$pid&amp;ok=1\"><b>"._YES."</b></a> ]</center><br><br>";
    CloseTable();
    include("../footer.php");
    }
}

function shop_status_goods($pid, $act) {
    global $prefix, $db;
    if ($act == "off") {
    $ff = ""._OFFPAGE3."";
    $tt = "admin.php?op=shop_goods_list";
    for ($g=0; $g < sizeof($pid); $g++) {
    $db->sql_query("UPDATE ".$prefix."_shop SET status='0', limit_date='-1' WHERE pid='$pid[$g]'");
    }
    }
    if ($act == "on") {
    $ff = ""._ONPAGE3."";
    $tt = "admin.php?op=shop_goods_list&status=0";
    for ($g=0; $g < sizeof($pid); $g++) {
    $db->sql_query("UPDATE ".$prefix."_shop SET status='1' WHERE pid='$pid[$g]'");
    }
    }
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<br><br><b><center>"._OFFPAGE3."</b></center><br><br>";
    echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=$tt\">";
    CloseTable();
    include("../footer.php");
}

function shop_home_goods($pid, $act) {
    global $prefix, $db;
    if ($act == "off") {
    $db->sql_query("UPDATE ".$prefix."_shop SET show_home='0' WHERE pid='$pid'");
    }
    if ($act == "on") {
    $db->sql_query("UPDATE ".$prefix."_shop SET show_home='1' WHERE pid='$pid'");
    }
    Header("Location: admin.php?op=shop");
}

function shop_action_off($pid) {
    global $prefix, $db;
    $db->sql_query("UPDATE ".$prefix."_shop SET action='0', action_price='0', action_fdate='-1' WHERE pid='$pid'");
    Header("Location: admin.php?op=shop");
}

function shop_action_add($pid) {
    global $db, $prefix, $cur;
    $acresult = $db->sql_query("select * from ".$prefix."_shop where pid='$pid'");
    $row = $db->sql_fetchrow($acresult);
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    $zdate = date("j.n.Y G:i",$row[limit_date]);
    if ($row[limit_date] == '0') { $zdate = ""._SUNLIMITED.""; }
    echo "<center><b>"._ADDACTION."</b><br><br></center>";
    echo "<table cellpadding=\"4\" cellspacing=\"4\"><tr><td>"._GOODSTITLE.":</td><td><b>$row[title]</b></td></tr>"
    ."<tr><td>"._GOODSPRICE.":</td><td><b>".number_format($row[price], 0, '.', ' ')." ".$cur."</b></td></tr>"
    ."<tr><td>"._SLIMIT.":</td><td><b>$zdate</b></td></tr>";
    echo "<form method=\"POST\" action=\"admin.php\">";
    echo "<tr><td>"._GOODSACPRICE.":</td><td><input type=\"text\" name=\"aprice\" size=\"5\"> $cur</td></tr>"
    ."<tr><td>"._SLIMIT.":</td><td>";
    echo "<select name='newday'>\n<option value='00'>--</option>\n";
    for($i = 1; $i <= 31; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select><b>/</b><select name='newmonth'>\n<option value='00'>--</option>\n";
    for($i = 1; $i <= 12; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select><b>/</b><select name='newyear'>\n<option value='0000'>----</option>\n";
            for($i = date("Y"); $i <= date("Y")+5; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select> <select name='newhour'>\n<option value='00'>--</option>\n";
    for($i = 0; $i <= 23; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select><b>:</b><select name='newmin'>\n<option value='00'>--</option>\n";
    for($i = 0; $i <= 59; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select><b>:00</b> ("._GR_EXPIRENOTE.")";
    echo"</td></tr></table>";
    echo "<input type=\"hidden\" name=\"pid\" value=\"$pid\"><br>
    <input type=\"hidden\" name=\"price\" value=\"$row[price]\">
    <input type=\"hidden\" name=\"limit_date\" value=\"$row[limit_date]\">
    <input type=\"hidden\" name=\"op\" value=\"shop_action_on\">
    <input type=\"submit\" value=\""._ADDACT."\"></form><br><br>";
    CloseTable();
    include("../footer.php");
}

function shop_action_on($pid, $limit_date, $newday, $newmonth, $newyear, $newhour, $newmin, $price, $aprice) {
    global $db, $prefix;
    $xdate = time();
    $datenew = $newyear."-".$newmonth."-".$newday." ".$newhour.":".$newmin.":00";
    if ($datenew == "0000-00-00 00:00:00") { $ydate = "0"; } else { $ydate = strtotime($datenew); }
    if ($ydate!="0" AND $ydate <= $xdate) { eror_message($eror=9); exit; }
    if ($limit_date!="0" && $ydate > $limit_date) { $ydate = $limit_date; }
    if ($aprice == "") { $aprice = $price; }
    $db->sql_query("UPDATE ".$prefix."_shop SET action='1', action_price='$aprice', action_fdate='$ydate' WHERE pid='$pid'");
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<br><br><b><center>"._ADDACTION2."</b></center><br><br>";
    echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=admin.php?op=shop\">";
    CloseTable();
    include("../footer.php");
}

function shop_edit_goods($pid) {
    global $prefix, $db, $cur;
    $edresult = $db->sql_query("select * from ".$prefix."_shop where pid='$pid'");
    if ($db->sql_numrows($edresult) != 1) { Header("Location: admin.php?op=shop"); exit(); }
    $goods = $db->sql_fetchrow($edresult);
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
   echo "<br>";
    OpenTable();
    echo "<center><b>"._ADMINGOODS."</b><br><br>"
    ."<a href=admin.php?op=shop_goods_list&status=1>"._ACTIVGOOD."</a> | "
    ."<a href=admin.php?op=shop_goods_list&status=0>"._NOACTIVGOOD."</a> | "
    ."<a href=admin.php?op=shop_goods_list&status=0&srok=0>"._SGOOGSLIMITED."</a> | "
    ."<a href=admin.php?op=shop_add_goods>"._ADDGOODS."</a> | "
    ."<a href=admin.php?op=shop_price>"._SPRICE2."</a></center><br><br>";
    echo""._ADDPAGENOTE."<br><br>";
    echo "<form enctype=\"multipart/form-data\" method=\"POST\" action=\"admin.php\">"
    ."<b>"._GOODSTITLE.": </b><br>"
    ."<input type=\"text\" name=\"title\" size=\"60\" value=\"$goods[title]\"><br><br>"
    ."<b>"._GOODSPRICE.": </b> <input type=\"text\" name=\"price\" size=\"10\" value=\"".number_format($goods[price], 0, '.', '')."\"> $cur<br><br>"
    ."<b>"._INCAT.":</b><br>"
    ."<select name=\"cid\">";
           $resultmh = $db->sql_query("select cid, cat_title, parentid from ".$prefix."_shop_categories order by parentid, cat_title");
           while ($row = $db->sql_fetchrow($resultmh)) {
           $cid2 = $row[cid];
           $title = $row[cat_title];
           $parentid2 = $row[parentid];
                if ($parentid2!=0) $title=getparent($parentid2,$title);
                echo "<option value=\"$cid2\"";
                if ($goods[cid]==$cid2) { echo " selected"; }
                echo ">$title</option>";
                }
    echo "</select><br><br>"
    ."<b>"._GOODADDITION.":</b><br>"
    ."<textarea name=\"addition\" rows=\"3\" cols=\"60\">$goods[addition]</textarea><br><br>"
    ."<b>"._GOODSDESCR.":</b><br>"
    ."<textarea name=\"description\" rows=\"5\" cols=\"60\">$goods[description]</textarea><br><br>"
    ."<b>"._FIRM."</b><br>"
    ."<input type=\"text\" name=\"firm\" size=\"60\" value=\"$goods[firm]\"><br><br>"
    ."<b>"._FIRMURL."</b><br>"
    ."<input type=\"text\" name=\"site_firm\" size=\"60\" value=\"$goods[site_firm]\"><br><br>";
    if ($goods[pic] != "") {
    echo "<b>"._PIC2."</b>: ";
    if (file_exists("../modules/Shop/trumb_pic/$goods[pic]")) {
    echo "<A HREF=\"javascript:CaricaFoto('../modules/Shop/trumb_pic/$goods[pic]')\" BORDER=\"0\">$goods[pic]</a>";
    } else { echo "<A HREF=\"javascript:CaricaFoto('../modules/Shop/pic/$goods[pic]')\" BORDER=\"0\">$goods[pic]</a>"; }
    echo " | <b>"._DELPIC."</b>: <input type=\"checkbox\" name=\"del_pic\" value=\"1\"><br><br><b>"._PIC3.":</b><br>";
    } else {
    echo"<b>"._GOODSPIC.":</b><br>";
    }
    echo"<input type=\"hidden\" name=\"pic\" value=\"$goods[pic]\">"
    ."<input name=\"userfile\" size=\"40\" type=\"file\"><br><br>";
    if ($goods[status] == 1) {
    echo "<b>"._ACTIVPAGE."</b>: <input type=\"checkbox\" name=\"status\" value=\"1\" checked> ";
    }
    else {
    echo "<b>"._ACTIVPAGE."</b>: <input type=\"checkbox\" name=\"status\" value=\"1\"> ";
    }
    if ($goods[show_home] == 1) {
    echo "<b>"._SHOWHOME."</b>: <input type=\"checkbox\" name=\"show_home\" value=\"1\" checked><br><br>";
    }
    else {
    echo "<b>"._SHOWHOME."</b>: <input type=\"checkbox\" name=\"show_home\" value=\"1\"><br><br>";
    }
    $xdate = time();
    if ($goods[limit_date] > $xdate) {
        $zdate = date("j.n.Y G:i",$goods[limit_date]);
        echo "<b>"._SLIMIT.": $zdate</b><br><br>";
    } elseif ($goods[limit_date] == 0) {
       echo "<b>"._SLIMIT.": "._SUNLIMITED."</b><br><br>";
    } else {
       echo "<b>"._SGOOGSLIMITED."</b><br><br>";
    }
    echo"<input type=\"hidden\" name=\"limit_date\" value=\"$goods[limit_date]\">";
    echo "<b>"._SLIMIT6."</b>: <input type=\"checkbox\" name=\"newlimit\" value=\"1\"><br>";
    echo"<b>"._SLIMIT.":</b><br>";
    echo "<select name='newday'>\n<option value='00'>--</option>\n";
    for($i = 1; $i <= 31; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select><b>/</b><select name='newmonth'>\n<option value='00'>--</option>\n";
    for($i = 1; $i <= 12; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select><b>/</b><select name='newyear'>\n<option value='0000'>----</option>\n";
            for($i = date("Y"); $i <= date("Y")+5; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select> <select name='newhour'>\n<option value='00'>--</option>\n";
    for($i = 0; $i <= 23; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select><b>:</b><select name='newmin'>\n<option value='00'>--</option>\n";
    for($i = 0; $i <= 59; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select><b>:00</b><br>"._GR_EXPIRENOTE."<br><br>\n";
    echo "<input type=\"hidden\" name=\"pid\" value=\"$pid\">"
    ."<input type=\"hidden\" name=\"op\" value=\"shop_edit_save\">"
    ."<input type=\"submit\" value=\""._EDITGOODS."\"></form><br><br>";

    CloseTable();
    include("../footer.php");
}

function shop_edit_save($pid, $cid, $title, $addition, $description, $firm, $site_firm, $pic, $del_pic, $limit_date, $newlimit, $newday, $newmonth, $newyear, $newhour, $newmin, $price, $status, $show_home) {
    global $prefix, $db, $allow_trumb, $width_trumb, $trumb_quality;
    if ($title == "") { eror_message($eror=5); exit; }
    if (($price == "") || (!is_numeric($price))) { eror_message($eror=6); exit; }
    if ($cid == "") { eror_message($eror=7); exit; }
    if ($addition == "") { eror_message($eror=8); exit; }
    if ($newlimit == 1) {
    $xdate = time();
    $datenew = $newyear."-".$newmonth."-".$newday." ".$newhour.":".$newmin.":00";
    if ($datenew == "0000-00-00 00:00:00") { $limit_date = "0"; } else { $limit_date = strtotime($datenew); }
    if ($limit_date!="0" AND $limit_date <= $xdate) { eror_message($eror=9); exit; }
    }
    if(($del_pic == 1) || (is_uploaded_file($_FILES['userfile']['tmp_name']))) {
    @unlink("../modules/Shop/trumb_pic/$pic");
    @unlink("../modules/Shop/pic/$pic");
    $pic = "";
    }

    if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
    $f_name = explode(".",$_FILES['userfile']['name']);
    $extension = strtolower($f_name[1]);
    if ($extension != "jpg") { eror_message($eror=1); exit; }
    $realname = $_FILES['userfile']['name'];
    $datakod = date(U);
    $pic = "".$datakod."_".$realname."";
    $res = copy($_FILES['userfile']['tmp_name'], "../modules/Shop/pic/$pic");
    if (!$res) { eror_message($eror=2); exit; }
    
    $im_size = getimagesize("../modules/Shop/pic/$pic");
      if (($im_size[0] > $width_trumb) AND ($allow_trumb == 1)) {
      $res2 = copy($_FILES['userfile']['tmp_name'], "../modules/Shop/trumb_pic/$pic");
      if (!$res2) { eror_message($eror=3); exit; }
      $path_real = "../modules/Shop/trumb_pic/$pic";
      $src_img=ImageCreateFromJpeg("$path_real");
      $src_width=ImagesX($src_img);
      $src_height=ImagesY($src_img);
      $dest_width=$width_trumb;
      $dest_height=$src_height/($src_width/$dest_width);
      $quality=$trumb_quality;
      $dest_img=ImageCreateTrueColor($dest_width, $dest_height);
      ImageCopyResampled($dest_img, $src_img, 0, 0, 0, 0, $dest_width, $dest_height, $src_width, $src_height);
      $res3 = ImageJpeg($dest_img, $path_real, $quality);
      if (!$res3) { eror_message($eror=4); exit; }
      ImageDestroy($dest_img);
      }
    }
    $title = stripslashes(FixQuotes($title));
    $addition = stripslashes(FixQuotes($addition));
    $description = stripslashes(FixQuotes($description));
    $firm = stripslashes(FixQuotes($firm));
    $site_firm = stripslashes(FixQuotes($site_firm));
    $homsql = "select cid, parentid from ".$prefix."_shop_categories where cid='$cid'";
    $homresult = $db->sql_query($homsql);
    $row = $db->sql_fetchrow($homresult);
    if ($row[parentid] == 0) {
        $homcid = $row[cid];
    } else {
        $homcid=getparent3($row[parentid]);
    }
    $db->sql_query("UPDATE ".$prefix."_shop SET homcid='$homcid', cid='$cid', title='$title', addition='$addition', description='$description', firm='$firm', site_firm='$site_firm', price='$price', pic='$pic', limit_date='$limit_date', show_home='$show_home', status='$status' WHERE pid='$pid'");
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<br><br><b><center>"._EDITGOODS2."</b></center><br><br>";
    echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=admin.php?op=shop_goods_list\">";
    CloseTable();
    include("../footer.php");
}

function shop_orders($status) {
    global $prefix, $db, $pagenum, $cur;
    if ($status == "") { $status = "on"; }
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><b>"._ADMINORDERS."</b><br><br><a href=admin.php?op=shop_orders&status=off>"._OFFORDERS."</a> | <a href=admin.php?op=shop_orders&status=on>"._ONORDERS."</a></center><br><br>";
    if ($status == "off") { echo "<center><b>"._OFFORDERSS."</b></center><br>"; $st = "WHERE order_status = '1'"; }
    if ($status == "on") { echo "<center><b>"._ONORDERSS."</b></center><br>"; $st = "WHERE order_status = '0'"; }
    
    $storynum = 20;
    if ($pagenum == "") { $pagenum = 1; $storynum = $storynum; }
    $offset = ($pagenum-1) * $storynum;
    
    $ordresult = $db->sql_query("SELECT * FROM ".$prefix."_shop_orders $st limit $offset, $storynum");
    $num = $db->sql_numrows($ordresult);
    if ($num == 0) {
    echo "<center><br><br><b>"._NOUORDERS."</b><br><br></center>";
    } else {
    echo "<table width=\"100%\" border=\"1\" cellpadding=\"4\" cellspacing=\"0\"><tr bgcolor=#EFEFEF><td><b>"._ORDERSENDER."</td><td><b>"._ORDERTEXT."</td><td align=center><b>"._ALLSUM."</td><td align=center><b>";
    if ($status == "off") { echo""._CONFORDATE.""; } else { echo""._ORDERDATE.""; }
    echo"</td><td align=center><b>"._ADMINENTER."</td></tr>";
    while ($orders = $db->sql_fetchrow($ordresult)) {
    $ord_text = explode("<=>", $orders[order_text]);
    if ($b == 1) { $bg = "bgcolor=\"#EFEFEF\""; }
    else { $bg = ""; }
    echo "<tr $bg><td valign=top><b><a href=\"../modules.php?name=Your_Account&op=userinfo&username=$orders[order_uname]\">$orders[order_uname]</a></b></td><td valign=top>";
    for($p=0; $p<count($ord_text); $p++) {
    echo "- $ord_text[$p]<br>";
    }
    if ($status == "off") { $zdate = date("j.n.Y G:i",$orders[confor_date]); } else { $zdate = date("j.n.Y G:i",$orders[order_date]); }
    echo "</td><td align=center><b>".number_format($orders[order_sum], 0, '.', ' ')." $cur</b></td><td align=center>$zdate</td><td align=center><b>";
    if ($status == "on") {
    echo "<a href=admin.php?op=shop_order_confirm&order_id=$orders[order_id]>"._CONFORDER."</a><br>";
    }
    echo "<a href=admin.php?op=shop_order_delit&order_id=$orders[order_id]>"._DELPAGE."</a></b></td></tr>";
    $b++; if ($b==2) { $b=0; }
    }
    echo "</table><br>";
    }
    
    #START Page Numbers
    $sql_pn = "select * from ".$prefix."_shop_orders $st";
    $result_pn = $db->sql_query($sql_pn);
    $numstories = $db->sql_numrows($result_pn);
    @$numpages = ceil($numstories / $storynum);
    if ($numpages > 1) {
        echo "<hr><center>" ;
        if ($pagenum > 1) {
            $prevpage = $pagenum - 1 ;
                        $leftarrow = "../images/left.gif" ;
                echo "<a href=\"admin.php?op=shop_orders&status=$status&amp;pagenum=$prevpage\">";
                echo "<img src=\"$leftarrow\" align=\"absmiddle\" border=\"0\" hspace=\"10\"></a>";
        }
        for ($i=1; $i < $numpages+1; $i++) {

            if ($i == $pagenum) {
                echo "<b>$i</b>";
            }
            else {
            $pagelink = 5;
            if (($i > $pagenum) AND ($i < $pagenum+$pagelink) OR ($i < $pagenum) AND ($i > $pagenum-$pagelink)) {
            echo " <a href=\"admin.php?op=shop_orders&status=$status&amp;pagenum=$i\">$i</a> ";
            }
            if (($i == $numpages) AND ($pagenum < $numpages-$pagelink)){
            echo "... <a href=\"admin.php?op=shop_orders&status=$status&amp;pagenum=$i\">$i</a>";
            }
            if (($i == 1) AND ($pagenum > 1+$pagelink)){
            echo "<a href=\"admin.php?op=shop_orders&status=$status&amp;pagenum=$i\">$i</a> ...";
            }
            }
        }
        if ($pagenum < $numpages) {
            $nextpage = $pagenum + 1 ;
                        $rightarrow = "../images/right.gif" ;
                echo "<a href=\"admin.php?op=shop_orders&status=$status&amp;pagenum=$nextpage\">";
                echo "<img src=\"$rightarrow\" align=\"absmiddle\" border=\"0\" hspace=\"10\"></a>";
        }
        echo "</center>" ;
    }
    #END Page Numbers
    CloseTable();
    include("../footer.php");
}

function shop_order_confirm($order_id, $ok) {
    global $prefix, $db, $user_prefix, $sitename, $nukeurl, $adminmail, $cur;
    $order_id = intval($order_id);
    if($ok) {
    $xdate = time();
    $db->sql_query("UPDATE ".$prefix."_shop_orders SET order_status='1', confor_date='$xdate' WHERE order_id='$order_id'");
    $ordresult = $db->sql_query("SELECT * FROM ".$prefix."_shop_orders WHERE order_id='$order_id'");
    $orders = $db->sql_fetchrow($ordresult);
    $ord_text = explode("<=>", $orders[order_text]);
    $msg = "";
    for ($h=0; $h < sizeof($ord_text); $h++) {
    $ord = explode("|", $ord_text[$h]);
    $msg .= "$ord[0] | "._SPRICE.": ".number_format($ord[1], 2)." ".$cur." | "._COUNT.": $ord[2]\n";
    }
    $zdate = date("j.n.Y G:i",$orders[order_date]);
    $order_uname = $orders[order_uname];
    list($order_uemail) = $db->sql_fetchrow($db->sql_query("SELECT user_email FROM ".$user_prefix."_users WHERE username='$order_uname'"));
	$subject = ""._MAIL01." $sitename";
	$msgtext = ""._MAIL02."\n\n";
	$msgtext .= "$msg\n\n";
	$msgtext .= ""._MAIL3."\n";
	$msgtext .= "$sitename\n$nukeurl\n";
	$to = $order_uemail;
	$mailheaders = "Content-Type: text/plain; charset="._CHARSET."\n";
	$mailheaders .= "From: $sitename <$adminmail>\n";
	mail($to, $subject, $msgtext, $mailheaders);
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<br><br><b><center>"._CONFORDER2."</b></center><br><br>";
    echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=admin.php?op=shop_orders\">";
    CloseTable();
    include("../footer.php");
    }
    else {
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><b>"._CHEINSTATUS."</b><br><br>";
    echo ""._STATUSNOTE."<br><br>";
    echo "[ <a href=\"admin.php?op=shop_orders\"><b>"._NO."</b></a> | <a href=\"admin.php?op=shop_order_confirm&amp;order_id=$order_id&amp;ok=1\"><b>"._YES."</b></a> ]</center><br><br>";
    CloseTable();
    include("../footer.php");
    }
}

function shop_order_delit($order_id, $ok) {
    global $prefix, $db;
    $order_id = intval($order_id);
    if($ok) {
    $db->sql_query("DELETE FROM ".$prefix."_shop_orders WHERE order_id='$order_id'");
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<br><br><b><center>"._DELORDERS2."</b></center><br><br>";
    echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=admin.php?op=shop_orders\">";
    CloseTable();
    include("../footer.php");
    }
    else {
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><b>"._DELORDERS."</b><br><br>";
    echo ""._DELORNOTE."<br><br>";
    echo "[ <a href=\"admin.php?op=shop_orders\"><b>"._NO."</b></a> | <a href=\"admin.php?op=shop_order_delit&amp;order_id=$order_id&amp;ok=1\"><b>"._YES."</b></a> ]</center><br><br>";
    CloseTable();
    include("../footer.php");
    }
}

function shop_goods_list($status, $srok) {
    global $prefix, $db, $pagenum, $cur;
    if ($status == "") { $status = "1"; }
    if ($srok == "") { $srok = "1"; }
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><b>"._ADMINGOODS."</b><br><br>"
    ."<a href=admin.php?op=shop_goods_list&status=1>"._ACTIVGOOD."</a> | "
    ."<a href=admin.php?op=shop_goods_list&status=0>"._NOACTIVGOOD."</a> | "
    ."<a href=admin.php?op=shop_goods_list&status=0&srok=0>"._SGOOGSLIMITED."</a> | "
    ."<a href=admin.php?op=shop_add_goods>"._ADDGOODS."</a> | "
    ."<a href=admin.php?op=shop_price>"._SPRICE2."</a></center><br><br>";
    $xdate = time();
    if ($status == "1") { echo "<center><b>"._ACTIVGOODS."</b></center>"; $st = "WHERE status = '1'"; }
    if ($status == "0" && $srok== "1") { echo "<center><b>"._NOACTIVGOODS."</b></center>"; $st = "WHERE status = '0' AND (limit_date>'$edate' OR limit_date='0')"; }
    if ($status == "0" && $srok== "0") { echo "<center><b>"._SGOOGSLIMITED."</b></center>"; $st = "WHERE status = '0' AND limit_date='-1'"; }

    $storynum = 20;
    if ($pagenum == "") { $pagenum = 1; $storynum = $storynum; }
    $offset = ($pagenum-1) * $storynum;

    $csql = "SELECT * FROM ".$prefix."_shop $st ORDER BY pid DESC LIMIT $offset, $storynum";
    $cresult = $db->sql_query($csql);
    $num = $db->sql_numrows($cresult);
    if ($num == 0) {
    echo "<center><br><br><b>"._NOUGOODS."</b><br><br></center>";
    } else {
    echo "<form action=\"admin.php\" method=\"post\">";
    echo "<br><table width=\"100%\" border=\"1\" cellpadding=\"4\" cellspacing=\"0\"><tr bgcolor=#EFEFEF>"
    ."<td><b>"._GOODSTITLE."</td><td align=center><b>"._GOODSPRICE."</td><td align=center><b>"._SLIMIT."</td><td align=center><b>"._ADMINENTER."</td></tr>";
    while ($row = $db->sql_fetchrow($cresult)) {
    if ($b == 1) { $bg = "bgcolor=\"#EFEFEF\""; }
    else { $bg = ""; }
    echo "<tr $bg><td>$row[title]</td>";
    echo "<td align=center>".number_format($row[price], 0, '.', ' ')." ".$cur."</td>";
    if ($row[limit_date] > 0) {
            $srok2 = date("j.n.Y G:i",$row[limit_date]);
        } elseif ($row[limit_date]==0) {
            $srok2 = ""._SUNLIMITED."";
        } else {
            $srok2 = ""._SLIMITED."";
        }
    echo "<td align=center>$srok2</td>";
    if ($status == "1") {
        $tt =  "<tr><td colspan=4 align=center>";
        $tt .= "<input type=\"hidden\" name=\"act\" value=\"off\">";
        $tt .= "<input type=\"hidden\" name=\"op\" value=\"shop_status_goods\">";
        $tt .= " <input type=\"submit\" value=\""._OFFPAGE2."\"></td></tr>";
    } elseif (($status == "0") && (($row[limit_date]=='0') || ($row[limit_date] > $row[date]))) {
       $tt =  "<tr><td colspan=4 align=center>";
       $tt .= "<input type=\"hidden\" name=\"act\" value=\"on\">";
       $tt .= "<input type=\"hidden\" name=\"op\" value=\"shop_status_goods\">";
       $tt .= " <input type=\"submit\" value=\""._ONPAGE2."\"></td></tr>";
    } else {
            $tt =  "<tr><td colspan=4 align=center>";
    $tt .= ""._SLIMIT3." ("._GR_EXPIRENOTE."):<br><select name='newday'>\n<option value='00'>--</option>\n";
    for($i = 1; $i <= 31; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                $tt .= "<option value='$r'>$i</option>\n";
            }
    $tt .= "</select><b>/</b><select name='newmonth'>\n<option value='00'>--</option>\n";
    for($i = 1; $i <= 12; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                $tt .= "<option value='$r'>$i</option>\n";
            }
    $tt .= "</select><b>/</b><select name='newyear'>\n<option value='0000'>----</option>\n";
            for($i = date("Y"); $i <= date("Y")+5; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                $tt .= "<option value='$r'>$i</option>\n";
            }
    $tt .= "</select> <select name='newhour'>\n<option value='00'>--</option>\n";
    for($i = 0; $i <= 23; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                $tt .= "<option value='$r'>$i</option>\n";
            }
    $tt .= "</select><b>:</b><select name='newmin'>\n<option value='00'>--</option>\n";
    for($i = 0; $i <= 59; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                $tt .= "<option value='$r'>$i</option>\n";
        }
        $tt .= "</select><b>:00</b>";
        $tt .= "<input type=\"hidden\" name=\"op\" value=\"shop_newlimit\">";
        $tt .= " <input type=\"submit\" value=\""._SLIMIT5."\"></td></tr>";
    }
    echo "<td align=center><input type=\"checkbox\" name=\"pid[]\" value=\"$row[pid]\"> <a href=admin.php?op=shop_delit_goods&pid=$row[pid]>"._DELPAGE."</a> | <a href=admin.php?op=shop_edit_goods&pid=$row[pid]>"._EDITPAGE."</a></td></tr>";
    $b++; if ($b==2) { $b=0; }
    }
    echo "$tt";
    echo "</table><br>";
    echo "</form>";
    }

    #START Page Numbers
    $sql_pn = "select * from ".$prefix."_shop $st";
    $result_pn = $db->sql_query($sql_pn);
    $numstories = $db->sql_numrows($result_pn);
    @$numpages = ceil($numstories / $storynum);
    if ($numpages > 1) {
        echo "<hr><center>" ;
        if ($pagenum > 1) {
            $prevpage = $pagenum - 1 ;
                        $leftarrow = "../images/left.gif" ;
                echo "<a href=\"admin.php?op=shop_goods_list&status=$status&amp;srok=$srok&amp;pagenum=$prevpage\">";
                echo "<img src=\"$leftarrow\" align=\"absmiddle\" border=\"0\" hspace=\"10\"></a>";
        }
        for ($i=1; $i < $numpages+1; $i++) {

            if ($i == $pagenum) {
                echo "<b>$i</b>";
            }
            else {
            $pagelink = 5;
            if (($i > $pagenum) AND ($i < $pagenum+$pagelink) OR ($i < $pagenum) AND ($i > $pagenum-$pagelink)) {
            echo " <a href=\"admin.php?op=shop_goods_list&status=$status&amp;srok=$srok&amp;pagenum=$i\">$i</a> ";
            }
            if (($i == $numpages) AND ($pagenum < $numpages-$pagelink)){
            echo "... <a href=\"admin.php?op=shop_goods_list&status=$status&amp;srok=$srok&amp;pagenum=$i\">$i</a>";
            }
            if (($i == 1) AND ($pagenum > 1+$pagelink)){
            echo "<a href=\"admin.php?op=shop_goods_list&status=$status&amp;srok=$srok&amp;pagenum=$i\">$i</a> ...";
            }
            }
        }
        if ($pagenum < $numpages) {
            $nextpage = $pagenum + 1 ;
                        $rightarrow = "../images/right.gif" ;
                echo "<a href=\"admin.php?op=shop_goods_list&status=$status&amp;srok=$srok&amp;pagenum=$nextpage\">";
                echo "<img src=\"$rightarrow\" align=\"absmiddle\" border=\"0\" hspace=\"10\"></a>";
        }
        echo "</center>" ;
    }
    #END Page Numbers
    CloseTable();
    include("../footer.php");
}

function shop_blockgoods() {
    global $prefix, $db, $cur;
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
       $pic_dir = "../modules/Shop/block_pic";
       $f_name = "";
   if ($handle = opendir($pic_dir)) {
   $a = 0;
   while (false !== ($file = readdir($handle))) {
   if ($file=='.' || $file=='..') continue;
   $f_name[$a] = $file;
   $a++;
   }
   closedir($handle);
   }
   if ($f_name != "") {
   echo "<center><b>"._ADMINGOODSBLOCK."</b><br><br>";
   echo "<form action=\"admin.php\" method=\"post\">";
    echo "<br><table width=\"100%\" border=\"1\" cellpadding=\"4\" cellspacing=\"0\"><tr bgcolor=#EFEFEF>"
    ."<td><b>"._GOODSTITLE."</td><td align=center><b>"._GOODSPRICE."</td><td align=center><b>"._SLIMIT."</td><td align=center><b>"._ADMINENTER."</td></tr>";
    for ($e=0; $e < sizeof($f_name); $e++) {
    $cresult = $db->sql_query("SELECT * FROM ".$prefix."_shop WHERE status = '1' AND pic='$f_name[$e]' AND pic!=''");
    if ($db->sql_numrows($cresult) == 1) {
        $row = $db->sql_fetchrow($cresult);
        if ($b == 1) { $bg = "bgcolor=\"#EFEFEF\""; }
    else { $bg = ""; }
    echo "<tr $bg><td>$row[title]</td>";
    echo "<td align=center>".number_format($row[price], 0, '.', ' ')." ".$cur."</td>";
    if ($row[limit_date] > 0) {
            $srok2 = date("j.n.Y G:i",$row[limit_date]);
        } elseif ($row[limit_date]==0) {
            $srok2 = ""._SUNLIMITED."";
        } else {
            $srok2 = ""._SLIMITED."";
        }
    echo "<td align=center>$srok2</td>";
    echo "<td align=center><input type=\"checkbox\" name=\"pic[]\" value=\"$row[pic]\"> <a href=admin.php?op=shop_delit_goods&pid=$row[pid]>"._DELPAGE."</a> | <a href=admin.php?op=shop_edit_goods&pid=$row[pid]>"._EDITPAGE."</a></td></tr>";
    $b++; if ($b==2) { $b=0; }
    }
    }
    echo  "<tr><td colspan=4 align=center>";
    echo "<input type=\"hidden\" name=\"op\" value=\"shop_blockgoods_del\">";
    echo " <input type=\"submit\" value=\""._ADMINGOODSBLOCK2."\"></td></tr>";
    echo "</table><br>";
    echo "</form><br><br>";
   }
    echo "<center><form action=\"admin.php\" method=\"post\">";
    echo "<b>"._ADMINGOODSBLOCK3."</b><br><br>";
    $fsql = "SELECT * FROM ".$prefix."_shop WHERE status = '1' AND pic!=''";
    $fresult = $db->sql_query($fsql);
    echo "<select name='addpic'>\n";
    while ($row = $db->sql_fetchrow($fresult)) {
        $testpic = $row[pic];
        $testtitle = $row[title];
        if (!in_array($testpic, $f_name)) {
        echo "<option name='addpic' value='$testpic'>$testtitle</option>\n";
        }
    }
    echo "</select>";
    echo "<input type=\"hidden\" name=\"op\" value=\"shop_blockgoods_add\">";
    echo " <input type=\"submit\" value=\""._ADD."\">";
    echo "</form></center>";
    CloseTable();
    include("../footer.php");
}

function shop_blockgoods_add($addpic) {
    global $trumb_quality, $width_block;
      if (file_exists("../modules/Shop/pic/$addpic")) {
      $path_block = "../modules/Shop/pic/$addpic";
      $res2 = copy($path_block, "../modules/Shop/block_pic/$addpic");
      if (!$res2) { eror_message($eror=3); exit; }
      $path_real = "../modules/Shop/block_pic/$addpic";
      $src_img=ImageCreateFromJpeg("$path_real");
      $src_width=ImagesX($src_img);
      $src_height=ImagesY($src_img);
      $dest_width=$width_block;
      $dest_height=$src_height/($src_width/$dest_width);
      $quality=$trumb_quality;
      $dest_img=ImageCreateTrueColor($dest_width, $dest_height);
      ImageCopyResampled($dest_img, $src_img, 0, 0, 0, 0, $dest_width, $dest_height, $src_width, $src_height);
      $res3 = ImageJpeg($dest_img, $path_real, $quality);
      if (!$res3) { eror_message($eror=4); exit; }
      ImageDestroy($dest_img);
      }
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<br><br><b><center>"._ADMINGOODSBLOCK5."</b></center><br><br>";
    echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=admin.php?op=shop_blockgoods\">";
    CloseTable();
    include("../footer.php");
}

function shop_blockgoods_del($pic) {
for ($d=0; $d < sizeof($pic); $d++) {
@unlink("../modules/Shop/block_pic/$pic[$d]");
}
Header("Location: admin.php?op=shop_blockgoods");
}

function shop_newlimit($pid, $newday, $newmonth, $newyear, $newhour, $newmin) {
    global $prefix, $db;
    $xdate = time();
    $datenew = $newyear."-".$newmonth."-".$newday." ".$newhour.":".$newmin.":00";
    if ($datenew == "0000-00-00 00:00:00") { $ydate = "0"; } else { $ydate = strtotime($datenew); }
    if ($ydate!="0" AND $ydate <= $xdate) { eror_message($eror=9); exit; }
    for ($h=0; $h < sizeof($pid); $h++) {
    $db->sql_query("UPDATE ".$prefix."_shop SET limit_date='$ydate', status='1'  WHERE pid='$pid[$h]'");
    }
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<br><br><b><center>"._SLIMIT4."</b></center><br><br>";
    echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=admin.php?op=shop_goods_list&status=0&srok=0\">";
    CloseTable();
    include("../footer.php");
}

function shop_price() {
    global $prefix, $db;
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><b>"._ADMINGOODS."</b><br><br>"
    ."<a href=admin.php?op=shop_goods_list&status=1>"._ACTIVGOOD."</a> | "
    ."<a href=admin.php?op=shop_goods_list&status=0>"._NOACTIVGOOD."</a> | "
    ."<a href=admin.php?op=shop_goods_list&status=0&srok=0>"._SGOOGSLIMITED."</a> | "
    ."<a href=admin.php?op=shop_add_goods>"._ADDGOODS."</a> | "
    ."<a href=admin.php?op=shop_price>"._SPRICE2."</a></center><br><br>";
    echo "<center><b>"._CHEINSPRICES."</b><br><br>"._PRICENOTE."<br><br>";
    $cresult = $db->sql_query("select cid, cat_title, parentid from ".$prefix."_shop_categories order by parentid, cat_title");
    if ($numrows = $db->sql_numrows($cresult) > 0) {
     while ($row = $db->sql_fetchrow($cresult)) {
     $cid2 = $row[cid];
     $title = $row[cat_title];
     $parentid2 = $row[parentid];
                if ($parentid2!=0) $title=getparent($parentid2,$title);
                echo "<li><a href=\"admin.php?op=shop_price_list&cid=$cid2\">$title</a></li>";
                }
          echo"<br><br>";
    } else {
    echo ""._NOUCAT."<br><br>";
    }
    CloseTable();
    include("../footer.php");
}

function shop_price_list($cid) {
    global $prefix, $db, $cur;
    if ($db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_shop_categories WHERE cid='$cid'")) != 1) {
        Header("Location: admin.php?op=shop_price");
        exit();
    }
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><b>"._ADMINGOODS."</b><br><br>"
    ."<a href=admin.php?op=shop_goods_list&status=1>"._ACTIVGOOD."</a> | "
    ."<a href=admin.php?op=shop_goods_list&status=0>"._NOACTIVGOOD."</a> | "
    ."<a href=admin.php?op=shop_goods_list&status=0&srok=0>"._SGOOGSLIMITED."</a> | "
    ."<a href=admin.php?op=shop_add_goods>"._ADDGOODS."</a> | "
    ."<a href=admin.php?op=shop_price>"._SPRICE2."</a></center><br><br>";
    echo "<center><b>"._CHEINSPRICES."</b><br><br>";
    $prresult = $db->sql_query("SELECT * FROM ".$prefix."_shop WHERE cid=$cid ORDER BY title");
    $num = $db->sql_numrows($prresult);
    if ($num == 0) {
    echo "<center><br><br><b>"._NOUGOODSCAT."</b><br><br></center>";
    } else {
    echo "<form action=\"admin.php\" method=\"post\">";
    echo "<br><table width=\"100%\" border=\"1\" cellpadding=\"4\" cellspacing=\"0\"><tr bgcolor=#EFEFEF>"
    ."<td><b>"._GOODSTITLE."</td><td align=center><b>"._GOODSPRICE."</td><td align=center><b>"._NEWLIMIT."</td></tr>";
    while ($row = $db->sql_fetchrow($prresult)) {
    if ($b == 1) { $bg = "bgcolor=\"#EFEFEF\""; }
    else { $bg = ""; }
    echo "<tr $bg><td width=\"70%\">$row[title]</td>";
    echo "<td align=center><input type=\"hidden\" name=\"pid[]\" value=\"$row[pid]\">"
    ."<input type=\"text\" name=\"newprice[]\" size=\"5\" value=\"".number_format($row[price], 0, '.', '')."\"> $cur</td>"
    ."<td align=center><input type=\"checkbox\" name=\"newlimit[]\" value=\"1\"></td></tr>";
    $b++; if ($b==2) { $b=0; }
    }
    echo "<tr><td align=center colspan=3>";
    echo ""._SLIMIT2.":<br><select name='newday'>\n<option value='00'>--</option>\n";
    for($i = 1; $i <= 31; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select><b>/</b><select name='newmonth'>\n<option value='00'>--</option>\n";
    for($i = 1; $i <= 12; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select><b>/</b><select name='newyear'>\n<option value='0000'>----</option>\n";
            for($i = date("Y"); $i <= date("Y")+5; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select> <select name='newhour'>\n<option value='00'>--</option>\n";
    for($i = 0; $i <= 23; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select><b>:</b><select name='newmin'>\n<option value='00'>--</option>\n";
    for($i = 0; $i <= 59; $i++){
                if($i < 10) { $r = "0".$i; } else { $r = $i; }
                echo "<option value='$r'>$i</option>\n";
            }
    echo "</select><b>:00</b><br>"._GR_EXPIRENOTE."</td></tr>";
    echo "</table><br>";
    echo "<input type=\"hidden\" name=\"op\" value=\"shop_newprice_save\">"
    ."<br><br><input type=\"submit\" value=\""._CHPRICE."\">"
    ."</form><br><br>";
    }
    CloseTable();
    include("../footer.php");
}

function shop_newprice_save($pid, $newprice, $newlimit, $newday, $newmonth, $newyear, $newhour, $newmin) {
    global $prefix, $db;
    $xdate = time();
    $datenew = $newyear."-".$newmonth."-".$newday." ".$newhour.":".$newmin.":00";
    if ($datenew == "0000-00-00 00:00:00") { $ydate = "0"; } else { $ydate = strtotime($datenew); }
    if ($newlimit!="") {
    if ($ydate!="0" AND $ydate <= $xdate) { eror_message($eror=9); exit; }
    }
    $number_pr = count($newprice);
    for($p=0;$p<$number_pr;$p++) {
        if ($newlimit[$p] == 1) {
        $db->sql_query("UPDATE ".$prefix."_shop SET price='$newprice[$p]', limit_date='$ydate'  WHERE pid='$pid[$p]'");
        } else {
        $db->sql_query("UPDATE ".$prefix."_shop SET price='$newprice[$p]'  WHERE pid='$pid[$p]'");
        }
    }
    include("../header.php");
    GraphicAdmin();
    OpenTable();
    menu();
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<br><br><b><center>"._SPRICE3."</b></center><br><br>";
    echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=admin.php?op=shop_price\">";
    CloseTable();
    include("../footer.php");
}

switch ($op) {

    case "shop":
    shop();
    break;

    case "OrderShopCategory":
    OrderShopCategory($weightrep,$weight,$catidrep,$catidori);
    break;

    case "shop_cat":
    shop_cat();
    break;

    case "shop_add_category":
    shop_add_category($title, $description, $cat_pic, $clanguage, $cid, $view, $groups);
    break;

    case "shop_edit_category":
    shop_edit_category($cid);
    break;

    case "shop_save_category":
    shop_save_category($cid, $title, $description, $cat_pic, $clanguage, $parentid, $weight, $view, $groups);
    break;

    case "shop_del_category":
    shop_del_category($cid, $ok);
    break;

    case "shop_add_goods":
    shop_add_goods();
    break;

    case "shop_save_goods":
    shop_save_goods($title, $price, $cid, $addition, $description, $firm, $site_firm, $status, $show_home, $newday, $newmonth, $newyear, $newhour, $newmin);
    break;

    case "shop_delit_goods":
    shop_delit_goods($pid, $ok);
    break;

    case "shop_status_goods":
    shop_status_goods($pid, $act);
    break;
    
    case "shop_home_goods":
    shop_home_goods($pid, $act);
    break;
    
    case "shop_action_off":
    shop_action_off($pid);
    break;
    
    case "shop_action_add":
    shop_action_add($pid);
    break;
    
    case "shop_action_on":
    shop_action_on($pid, $limit_date, $newday, $newmonth, $newyear, $newhour, $newmin, $price, $aprice);
    break;
    
    case "shop_edit_goods":
    shop_edit_goods($pid);
    break;
    
    case "shop_edit_save":
    shop_edit_save($pid, $cid, $title, $addition, $description, $firm, $site_firm, $pic, $del_pic, $limit_date, $newlimit, $newday, $newmonth, $newyear, $newhour, $newmin, $price, $status, $show_home);
    break;
    
    case "shop_orders":
    shop_orders($status);
    break;
    
    case "shop_order_confirm":
    shop_order_confirm($order_id, $ok);
    break;
    
    case "shop_order_delit":
    shop_order_delit($order_id, $ok);
    break;
    
    case "shop_goods_list":
    shop_goods_list($status, $srok);
    break;

    case "shop_newlimit":
    shop_newlimit($pid, $newday, $newmonth, $newyear, $newhour, $newmin);
    break;
    
    case "shop_price":
    shop_price();
    break;
    
    case "shop_price_list":
    shop_price_list($cid);
    break;

    case "shop_newprice_save":
    shop_newprice_save($pid, $newprice, $newlimit, $newday, $newmonth, $newyear, $newhour, $newmin);
    break;

    case "shop_blockgoods":
    shop_blockgoods();
    break;

    case "shop_blockgoods_add":
    shop_blockgoods_add($addpic);
    break;

    case "shop_blockgoods_del":
    shop_blockgoods_del($pic);
    break;

}
} else {
    echo "Access Denied";
}

?>
